Within the past 24 hours a number of businesses throughout the UK have received extortion demands from an online hacking group.
The group have sent emails demanding payment of 5 Bitcoins to be paid by a certain time and date. The email states that this demand will increase by 5 Bitcoins for each day that it goes unpaid.
If their demand is not met, they have threatened to launch a Distributed Denial of Service (DDoS) attack against the businesses’ websites and networks, taking them offline until payment is made.
The demand states that once their actions have started, they cannot be undone.
What to do if you’ve received one of these demands?
- Report it to Action Fraud by calling 0300 123 2040 or by using the online reporting tool.
- Do not pay the demand.
- Retain the original emails (with headers).
- Maintain a timeline of the attack, recording all times, type and content of the contact.
If you are experiencing a DDoS right now you should:
- Report it to Action Fraud immediately.
- Call your Internet Service Provider (ISP) (or hosting provider if you do not host your own Web server), tell them you are under attack and ask for help.
- Keep a timeline of events and save server logs, web logs, email logs, any packet capture, network graphs, reports etc.
Get Safe Online top tips for protecting your business from a DDoS:
- Consider the likelihood and risks to your organisation of a DDoS attack, and put appropriate threat reduction/mitigation measures in place.
- If you consider that protection is necessary, speak to a DDoS prevention specialist.
- Whether you are at risk of a DDoS attack or not, you should have the hosting facilities in place to handle large, unexpected volumes of website hits.